Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Staging:C
tidy
tidy-fix-buffer-overflow.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tidy-fix-buffer-overflow.patch of Package tidy
Index: tidy-20100204cvs/src/lexer.c =================================================================== --- tidy-20100204cvs.orig/src/lexer.c +++ tidy-20100204cvs/src/lexer.c @@ -3467,16 +3467,18 @@ static tmbstr ParseValue( TidyDocImpl* d /* and prompts attributes unless --literal-attributes is set to yes */ /* #994841 - Whitespace is removed from value attributes */ - if (munge && + /* see https://github.com/htacg/tidy-html5/issues/217 -- + * Also only if/while (len > 0) - MUST NEVER GO NEGATIVE! */ + if ((len > 0) && munge && TY_(tmbstrcasecmp)(name, "alt") && TY_(tmbstrcasecmp)(name, "title") && TY_(tmbstrcasecmp)(name, "value") && TY_(tmbstrcasecmp)(name, "prompt")) { - while (TY_(IsWhite)(lexer->lexbuf[start+len-1])) + while (TY_(IsWhite)(lexer->lexbuf[start+len-1]) && (len > 0)) --len; - while (TY_(IsWhite)(lexer->lexbuf[start]) && start < len) + while (TY_(IsWhite)(lexer->lexbuf[start]) && (start < len) && (len > 0)) { ++start; --len;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor